From: "Gáspár Lajos" <swifty@freemail.hu>
To: Elison Niven <elison.niven@gmail.com>
Cc: netfilter@vger.kernel.org, elison.niven@matrixtelesol.com
Subject: Re: Get source IP of packet through PREROUTING CHAIN
Date: Tue, 11 Aug 2009 14:36:11 +0200
Message-ID: <4A8165BB.7060702@freemail.hu>
In-Reply-To: <21df6cb70908102139i1f0f21besc94740ed507615da@mail.gmail.com>

Hi Elison,

The conntrack subsystem knows about every connection.
So maybe you need to check that.

Elison Niven wrote:
> Hi List,
>
> I have two interfaces eth0 and eth1 on my machine.
>
> My machine has eth0 = 192.168.1.100 and eth1 = 172.16.1.100
>
> The scenario is that I will be receiving packets at port 10000 on eth0
> of my machine. I do not know from which IP the packets are being
> received (Can be any machine - I do not need to apply a source address
> matching rule).
>   
You may not know the source IP, but your machine will, because it sees 
the packets coming from eth0's network.
> I need to forward these packets to another machine B that I do so with
> this rule:
>
> iptables -t nat -I PREROUTING -i eth0 -p udp \
>        --dport 10000 -j DNAT --to-destination 172.16.1.200
>
> Note that I have not added any -s option to the rule for source
> address matching.
>
> This also works properly. Now I need to _know_ the source IP and
> source Port of the packets that are being received at port 10000 on
> eth0. (For example to send some data back to the _same_machine_ that
> is sending packets at port 10000)
>   
Again. If the conntrack (in your machine) knows the source IP/port 
numbers then it will automagically replace them on the backroute.
It may also be a problem if your response packets are not SNAT-ed. (In
the case where the sender machines are sending the packets directly to your machine.)
> How do I achieve this?
>
> Best Regards,
> Elison
>   
Swifty
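
Added example, not part of the original message: a parser for conntrack table entries that recovers the original source IP and port of flows hit by the DNAT rule quoted above. The function names and the sample client addresses are hypothetical; 192.168.1.100, 172.16.1.200 and port 10000 are the values from the thread.

```python
import re

# Constructed sample in `conntrack -L` / /proc/net/nf_conntrack style (not from a real host).
# 192.168.1.100, 172.16.1.200 and port 10000 come from the thread; the rest is made up.
SAMPLE = """\
udp      17 25 src=192.168.1.50 dst=192.168.1.100 sport=40000 dport=10000 [UNREPLIED] src=172.16.1.200 dst=192.168.1.50 sport=10000 dport=40000 mark=0 use=1
ipv4     2 udp      17 170 src=192.168.1.77 dst=192.168.1.100 sport=5060 dport=10000 src=172.16.1.200 dst=192.168.1.77 sport=10000 dport=5060 [ASSURED] mark=0 use=2
udp      17 12 src=192.168.1.100 dst=192.168.1.1 sport=53311 dport=53 src=192.168.1.1 dst=192.168.1.100 sport=53 dport=53311 mark=0 use=1
tcp      6 431999 ESTABLISHED src=192.168.1.9 dst=192.168.1.100 sport=51000 dport=22 src=192.168.1.100 dst=192.168.1.9 sport=22 dport=51000 [ASSURED] mark=0 use=1
"""

# Each entry lists the original-direction tuple first, then the reply-direction tuple.
KV = re.compile(r"\b(src|dst|sport|dport)=(\S+)")


def parse_entry(line):
    """Return (proto, original_tuple, reply_tuple), or None without two full tuples."""
    proto = next((f for f in line.split() if f in ("udp", "tcp")), None)
    pairs = KV.findall(line)
    if proto is None or len(pairs) < 8:
        return None  # e.g. ICMP entries carry type/code/id instead of ports
    return proto, dict(pairs[:4]), dict(pairs[4:8])


def dnat_sources(text, dport, dnat_to, proto="udp"):
    """Original (ip, port) of each flow that arrived on dport and was DNATed to dnat_to."""
    found = []
    for line in text.splitlines():
        entry = parse_entry(line)
        if entry is None or entry[0] != proto:
            continue
        _, orig, reply = entry
        # After DNAT the reply tuple's src is the rewritten destination,
        # so it differs from the destination the sender originally addressed.
        if (orig["dport"] == str(dport) and reply["src"] == dnat_to
                and reply["src"] != orig["dst"]):
            found.append((orig["src"], int(orig["sport"])))
    return found


if __name__ == "__main__":
    for ip, port in dnat_sources(SAMPLE, 10000, "172.16.1.200"):
        print(f"{ip}:{port}")
```

On a live host the same text would come from `conntrack -L -p udp` or from /proc/net/nf_conntrack instead of the embedded sample.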
